Description: Lab exercise explains ike phase1 gateway configuration and referencing ike policy defined
A remote IKE peer can be identified by either IP address, FQDN/u-FQDN or ASN1-DN (PKI certificates). For this example we are identifying the peer by IP address. Therefore the gateway address should be the remote peer’s public IP address. It is important also to specify the correct external interface. If either the peer address or external interface specified is incorrect then the IKE gateway will not be properly identified during phase 1 negotiations.
[edit security ike]
1. Create an IKE Phase 1 gateway and define its external interface.
2. Define the IKE Phase 1 policy reference.
3. Define IKE Phase1 gateway address
refer to the CertExams.com Juniper
Network Simulator software
for complete lab.